SOFTPAQ NUMBER: SP17926 PART NUMBER: N/A FILE NAME: SP17926.EXE TITLE: Compaq Web-Enabled Management Software Security Patch VERSION: 4.0 LANGUAGE: English CATEGORY: Software Solutions DIVISIONS: Systems PRODUCTS AFFECTED: Compaq Insight Management Agents for Servers Compaq Survey Utility Compaq Power Management Compaq Intelligent Cluster Administrator Compaq Availability Agents Compaq Insight Manager XE OPERATING SYSTEM: Microsoft Windows NT 4.0 and Windows 2000 SYSTEM CONFIGURATION: N/A PREREQUISITES: N/A EFFECTIVE DATE: September 14, 2001 ELECTRONIC DISTRIBUTION ALLOWED: Yes SOFTPAQ UTILITY VERSION: 4.0 SUPERSEDES: N/A DESCRIPTION: This update fixes a potential security vulnerability in Compaq web-enabled management software. Compaq strongly recommends that you update your software as soon as possible. Compaq Web Enabled Management Software can cause a potential buffer overflow security vulnerability. This vulnerability has the potential to enable unauthorized users to execute code at an administrator level through the exploitation of a buffer overflowsecurity vulnerability in its Web-enabled Management Software. This batch file copies the files needed to fix a potential security issue in Compaq web-enabled management software. If running Compaq Insight Manager XE versions earlier than 2.0, then please upgrade it to versions 2.0 or greater. HOW TO USE: Have all the associated files (see file list at the end of this text file) in a single directory on your hard drive. From a DOS command shell change to that drive and directory and type: patchweb patch This will replace the necessary files. HOW TO RESTORE YOUR ORIGINAL CONFIGURATION: To restore the original versions of the patched files type: patchweb restore FILE LIST: sp17296.txt patchweb.bat findver.exe regtool.exe strexp.exe cpqhmmo1.fre cpqhmmo2.fre cpqlogin.frm Default.frm Copyright 2001, Compaq Computer Corporation. All rights reserved. Product names mentioned herein may be trademarks and/or registered trademarks of their respective companies